util

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 6, 2022 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

const (
	// AnnotationTenantKubeConfigBase64 is the annotation key
	// "kubezoo.io/tenant.kubeconfig.base64".
	// NOTE(review): the name suggests a base64-encoded tenant kubeconfig is
	// stored under this key — confirm against the callers. Base64 is an
	// encoding, not encryption: if that kubeconfig carries a client key, read
	// access to the annotated object is access to the tenant credential, so
	// read permission on it has to be restricted accordingly.
	AnnotationTenantKubeConfigBase64 = "kubezoo.io/tenant.kubeconfig.base64"
	// KubeZooClusterName is the fixed name "kube-zoo".
	// NOTE(review): presumably the cluster name written into generated
	// kubeconfigs — confirm.
	KubeZooClusterName               = "kube-zoo"

	// RsaKeySize is the RSA key size, 2048.
	// NOTE(review): presumably the modulus size in bits used by NewPrivateKey —
	// confirm. Certificates here are valid for CertificateValidity (10 years),
	// so check that this size meets the deployment's key-strength policy for
	// that whole lifetime.
	RsaKeySize = 2048
	// CertificateValidity defines the validity, i.e., 10 Years, for all the signed certificates.
	// The value is computed with 365-day years, so leap days are not counted.
	// NOTE(review): with a 10-year lifetime, expiry does not help retire a
	// leaked certificate; confirm how a tenant certificate is invalidated
	// before it expires.
	CertificateValidity = time.Hour * 24 * 365 * 10
)
const (
	// TenantIDSeparator is the separator string "-".
	// NOTE(review): presumably placed between the tenant ID and the original
	// name when a prefix is added — confirm against AddTenantIDPrefix.
	TenantIDSeparator = "-"
	// TODO(renjingsi): move this to tenant apis and add some validations
	// TenantIDLength is the tenant ID length, 6.
	// NOTE(review): if tenant ownership is decided by matching a name prefix,
	// the fixed length is part of the isolation boundary: with IDs of varying
	// length, or IDs containing the separator, one tenant's prefix could also
	// match another tenant's names. Confirm that tenant-name validation
	// enforces this length and rejects the separator.
	TenantIDLength = 6
	// TenantIDKey is the key "tenant".
	// NOTE(review): presumably the key under which the tenant ID is stored in
	// the user info extra or the request context — confirm.
	TenantIDKey    = "tenant"
)

Variables

This section is empty.

Functions

func AddTenantIDPrefix

func AddTenantIDPrefix(tenantID, input string) string

AddTenantIDPrefix adds the tenantID as a prefix to input.

func AddTenantIDToUserInfo

func AddTenantIDToUserInfo(tenantID string, info user.Info) user.Info

AddTenantIDToUserInfo adds the tenantID to the extra of the user info.

func ContainString

func ContainString(sli []string, s string) bool

ContainString checks if the slice contains the string.

func ConvertCRDNameToUpstream

func ConvertCRDNameToUpstream(name, tenantID string) string

ConvertCRDNameToUpstream converts a CRD name to its upstream form by adding the tenantID prefix to the group.

func ConvertInternalListOptions

func ConvertInternalListOptions(ctx context.Context, options *metainternalversion.ListOptions, tenantID string) (*metav1.ListOptions, error)

ConvertInternalListOptions converts internal versions to v1 version.

func ConvertTenantObjectNameToUpstream

func ConvertTenantObjectNameToUpstream(name, tenantID string, gvk schema.GroupVersionKind) string

ConvertTenantObjectNameToUpstream converts a tenant object name to the upstream object name by adding the tenantID prefix.

func ConvertUpstreamApiGroupToTenant

func ConvertUpstreamApiGroupToTenant(tenantID string, apiGroup *metav1.APIGroup)

ConvertUpstreamApiGroupToTenant converts the upstream API group to the tenant's view by trimming the tenantID prefix.

func ConvertUpstreamResourceListToTenant

func ConvertUpstreamResourceListToTenant(tenantID string, resourceList *metav1.APIResourceList)

ConvertUpstreamResourceListToTenant converts the upstream resource list to the tenant's view by trimming the tenantID prefix.

func EncodeCertPEM

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-encoded certificate data.

func EncodePrivateKeyPEM

func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte

EncodePrivateKeyPEM returns PEM-encoded private key data.

func FilterUnstructuredList

func FilterUnstructuredList(utdList *unstructured.UnstructuredList, tenantID string, isNamespaceScoped bool) *unstructured.UnstructuredList

FilterUnstructuredList filters out the unstructured objects that do not belong to the tenant.

func FlattenResourceLists

func FlattenResourceLists(resourceLists []*metav1.APIResourceList) (ret []metav1.APIResource)

FlattenResourceLists flattens the given nested list and return a list of resources.

func GenKubeconfig

func GenKubeconfig(kubeZooServerAddress, tenantId string, caCert, clientKey, clientCert []byte) ([]byte, error)

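GenKubeconfig generates a kubeconfig for the tenant from the given CA certificate, client key and client certificate. Because the client key is one of the inputs, the returned bytes should be handled as a credential.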

func GetGVR

GetGVR returns the corresponding GVR for the given APIResource.

func GetTenantIDFromNamespace

func GetTenantIDFromNamespace(namespace string) (string, error)

GetTenantIDFromNamespace gets the tenantID from the prefix of the namespace.

func GetUnstructured

func GetUnstructured(resource interface{}) (*unstructured.Unstructured, error)

GetUnstructured returns an Unstructured for any given Kubernetes type.

func IsCRD

func IsCRD(r metav1.APIResource) bool

IsCRD checks if the given APIResource is the CRD.

func IsCRDObject

func IsCRDObject(obj runtime.Object) bool

IsCRDObject checks whether the input obj is a CRD object or not.

func IsGroupKindNamespaced

func IsGroupKindNamespaced(kind metav1.GroupKind) (bool, error)

IsGroupKindNamespaced checks whether the kind is namespace-scoped.

func ListCRDsForTenant

func ListCRDsForTenant(tenantID string, crdLister v1.CustomResourceDefinitionLister) ([]*extensionsv1.CustomResourceDefinition, error)

ListCRDsForTenant returns the CRDs belonging to the tenant.

func NewCertAndKey

func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *Config) (*x509.Certificate, *rsa.PrivateKey, error)

NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key.

func NewPrivateKey

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key.

func NewSignedCert

func NewSignedCert(cfg *Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key.

func NewTenantCertAndKey

func NewTenantCertAndKey(caFile, caKeyFile, tenantID string) (*x509.Certificate, *rsa.PrivateKey, error)

NewTenantCertAndKey creates new certificate and key for the denoted tenant.

func RemoveString

func RemoveString(sli []string, s string) (ret []string)

RemoveString removes the string from the slice, if found.

func TenantFrom

func TenantFrom(ctx context.Context) (string, bool)

TenantFrom returns the value of the tenant info on the ctx.

func TenantIDFrom

func TenantIDFrom(ctx context.Context) string

TenantIDFrom returns tenantID from ctx.

func TrimTenantIDFromError

func TrimTenantIDFromError(err error, tenantID string) error

TrimTenantIDFromError trims tenantID from error message and returns the new error.

func TrimTenantIDFromStatus

func TrimTenantIDFromStatus(status metav1.Status, tenantID string) metav1.Status

TrimTenantIDFromStatus trims tenantID from status and returns the new status.

func TrimTenantIDPrefix

func TrimTenantIDPrefix(tenantID, input string) string

TrimTenantIDPrefix removes tenantId prefix.

func UpstreamObjectBelongsToTenant

func UpstreamObjectBelongsToTenant(obj runtime.Object, tenantID string, isNamespaceScoped bool) bool

UpstreamObjectBelongsToTenant returns true if object belongs to tenant according to tenantID.

func ValidateTenantName

func ValidateTenantName(tenantId string) *string

Types

type AltNames

// AltNames contains the domain names and IP addresses that are added to the
// alternative-names field of an x509 certificate. Per the package
// documentation the values are passed directly to the x509.Certificate
// object, so callers are responsible for supplying only names and addresses
// the certificate holder should be trusted for.
type AltNames struct {
	// DNSNames lists the DNS names to place in the certificate.
	DNSNames []string
	// IPs lists the IP addresses to place in the certificate.
	IPs      []net.IP
}

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type CheckGroupKindFunc

// CheckGroupKindFunc reports, for the given group and kind and tenantID,
// whether the resource is namespaced and whether the group is a custom
// resource group for the tenant; err is the third result.
// NOTE(review): the effect of isTenantObject is not visible on this page —
// confirm against the implementation returned by NewCheckGroupKindFunc.
type CheckGroupKindFunc func(group, kind, tenantID string, isTenantObject bool) (namespaced, customResourceGroup bool, err error)

CheckGroupKindFunc returns whether resource of the group/kind is namespaced and whether it is custom resource group for the tenant.

func NewCheckGroupKindFunc

func NewCheckGroupKindFunc(crdLister v1.CustomResourceDefinitionLister) CheckGroupKindFunc

NewCheckGroupKindFunc returns a check function to check the group/kind type.

type Config

// Config contains the basic fields required for creating a certificate.
// NOTE(review): when the resulting certificate is used for Kubernetes client
// authentication, the subject common name is read as the user name and the
// organizations as the user's groups, so whoever fills CommonName and
// Organization decides the identity the certificate asserts — confirm how
// NewTenantCertAndKey populates them.
type Config struct {
	// CommonName is the certificate subject's common name.
	CommonName         string
	// Organization lists the subject's organization values.
	Organization       []string
	// OrganizationalUnit lists the subject's organizational unit values.
	OrganizationalUnit []string
	// AltNames holds the DNS names and IP addresses for the certificate.
	AltNames           AltNames
	// Usages lists the extended key usages requested for the certificate.
	Usages             []x509.ExtKeyUsage
}

Config contains the basic fields required for creating a certificate.

type CustomGroupResourcesMap

// CustomGroupResourcesMap records the custom API groups and resources that
// exist for a tenant. The outer key is the API group, the inner key is the
// resource name, and the value is the CRD for that pair.
type CustomGroupResourcesMap map[string]map[string]*v1.CustomResourceDefinition

CustomGroupResourcesMap records the existence of all custom API groups and resources for a tenant. The first key is the API group and the second key is the resource name.

func NewCustomGroupResourcesMap

func NewCustomGroupResourcesMap(crdList []*v1.CustomResourceDefinition) CustomGroupResourcesMap

NewCustomGroupResourcesMap returns a CRD map.

func (CustomGroupResourcesMap) GetCRD

func (grm CustomGroupResourcesMap) GetCRD(apiGroup, resourceName string) *v1.CustomResourceDefinition

GetCRD returns the CRD for the given API group and resource name.

func (CustomGroupResourcesMap) HasGroup

func (grm CustomGroupResourcesMap) HasGroup(apiGroup string) bool

HasGroup checks whether the map contains the API group.

func (CustomGroupResourcesMap) HasGroupResource

func (grm CustomGroupResourcesMap) HasGroupResource(apiGroup, resourceName string) bool

HasGroupResource checks whether the map contains the group resource.

func (CustomGroupResourcesMap) HasGroupVersion

func (grm CustomGroupResourcesMap) HasGroupVersion(apiGroup, version string) bool

HasGroupVersion checks whether the map contains the group version.

func (CustomGroupResourcesMap) HasGroupVersionResource

func (grm CustomGroupResourcesMap) HasGroupVersionResource(apiGroup, version, resourceName string) bool

HasGroupVersionResource checks whether the map contains the group version resource.

func (CustomGroupResourcesMap) HasResource

func (grm CustomGroupResourcesMap) HasResource(resourceName string) bool

HasResource checks whether the map contains the resource.

type FakeCRDLister

// FakeCRDLister holds a fixed slice of CRDs and exposes Get and List methods.
// NOTE(review): presumably a test double for a CustomResourceDefinitionLister;
// it is exported from a non-test package, so confirm it is not wired into
// production code paths that decide which CRDs a tenant may see.
type FakeCRDLister struct {
	// Crds is the list of CRDs held by the fake lister.
	Crds []*apiextensionsv1.CustomResourceDefinition
}

func (*FakeCRDLister) Get

func (*FakeCRDLister) List
